<?php
if (isset($_POST['submit'])) {
    require_once ("Connection.php");
    $Mag_name = trim(mysql_escape_string($_POST['name']));
    $Mag_ptime = trim(mysql_real_escape_string($_POST['ptime']));
    if ($_FILES["file1"]["error"] > 0) {
        echo "Error: " . $_FILES["file1"]["error"] . "<br>";
    } else {
        $allowedExts = array(
            "jpg",
            "png",
            "gif",
            "jpeg",
            "pjpeg",
            "x-png",
            "Bmp");
    }
   if ($_FILES["file2"]["error"] > 0) {
      echo "Error: " . $_FILES["file2"]["error"] . "<br>";
   } else {
      $allowedExts2 = array("pdf");
    }

    $temp1 = explode(".", $_FILES["file1"]["name"]);
    $extension = end($temp1);
    $temp2 = explode(".", $_FILES["file2"]["name"]);
    $extension2 = end($temp2);
   
    if ((($_FILES["file1"]["type"] == "image/gif") || ($_FILES["file1"]["type"] ==
        "image/jpeg") || ($_FILES["file1"]["type"] == "image/jpg") || ($_FILES["file1"]["type"] ==
        "image/pjpeg") || ($_FILES["file1"]["type"] == "image/x-png") || ($_FILES["file1"]["type"] ==
        "image/png")) && ($_FILES["file1"]["size"] < 200000) && in_array($extension, $allowedExts)) {
        
         $path = "upload/". $_FILES["file1"]["name"];
          move_uploaded_file($_FILES["file1"]["tmp_name"], $path);
        
            } else { ?> <script>alert("You can't upload this file.\nOnly files with extensions [ jpg , png , gif , Bmp ] are allowed."); 
                          window.history.back(); </script> <?php }
     
             if (($_FILES["file2"]["type"] == "application/pdf") && ($_FILES["file2"]["size"] < 2000000) && in_array($extension2, $allowedExts2)) { 
         $path2 = "upload/". $_FILES["file2"]["name"];
          move_uploaded_file($_FILES["file2"]["tmp_name"], $path2);
            } else { ?> <script>alert("You can't upload this file.\nOnly files with extensions [ pdf ] are allowed."); 
                          window.history.back(); </script> <?php }
        
        
        
        mysql_query("INSERT INTO `Magazine` (`Magazine_name`,`Magazine_ptime`,`Magazine_cphoto`,`Magazine_pdf`) VALUES ('$Mag_name','$Mag_ptime','$path','$path2')");
        header("Location: Admin_Magazine.php");
}
?>
